In accordance with the UK Data Protection Act 2018 and UK GDPR, this Privacy Notice is intended to provide you with transparent information regarding our Data Protection Policy and how we process your personal data. In doing so, it will explain:
-
Who we are;
-
What information we collect from you and why;
-
Who we share your information with and why;
-
What we do with your information and how long we keep it for;
-
Your rights in relation to your information.
ABOUT US
We are TrinityM Limited trading as Trinity Claims and our office address is Trinity Place, 14 Sovereign Way, Tonbridge TN9 1RS. If you have any questions regarding this Privacy Notice, you can write to our Data Protection Officer at this address, or email dpo@trinityclaims.co.uk. We are a data controller of your personal data. We are registered with the Information Commissioner’s Office (ICO) and our registration number is Z3447332. You can check our registration details on their website which is www.ico.org.uk. Privacy
Policy last updated 12/05/2023.
Please note, Trinity Claims have a separate privacy notice detailing how we manage data in relation to recruitment. To access this, please click here
YOUR PERSONAL DATA
Your personal data consists of many different things where one or more of these can identify you. It may also include personal information which is regarded as more sensitive and is described as 'Special Category Data' under the GDPR. This can include information about your ethnic origin, politics, religion, genetics, biometrics, health or sexuality. We will only process Special Category Data where it is required for processing an insurance claim. For the purposes of this Privacy Notice, we also use the term 'information' to mean 'personal data'.
CHANGES TO OUR DATA PROTECTION POLICY
Our Data Protection Policy and related procedures have been designed to comply with the GDPR. We may change this privacy notice from time to time in order to reflect changes in the law and/or our privacy practices. We encourage you to check this privacy notice for changes whenever you visit our website.
LAWFUL BASIS FOR PROCESSING
In accordance with Articles 6, 13 and 14 of the General Data Protection Regulation (GDPR), we confirm that our lawful basis for processing your personal data is because:-
- it is necessary in relation to a claim administered by us on an insurance policy that you hold, or to meet the legal obligations relating to an insurance claim administered by us.
- It is in our legitimate interests to do so, such as:
- Managing your products and services relating to that, updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt (where appropriate)
- To perform and/or test the performance of, our products, services and internal processes
- To follow guidance and recommended best practice of government and regulatory bodies
- For management and audit of our business operations including accounting
- To carry out searches at Credit Reference Agencies
- To carry out monitoring and to keep records of our communications with you and our staff
- To administer our good governance requirements and those of other members of our business partners, such as internal reporting and compliance obligations or administration required for AGM processes
- For market research and analysis and developing statistics
- Subject to the appropriate controls, to provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses
- Where we need to share your personal information with people or organizations in order to run our business or comply with any legal and/or regulatory obligations
- To comply with our legal obligations
INTENDED PURPOSES FOR PROCESSING
We collect your personal data in order that we can manage an insurance claim on behalf of the Underwriter
KNOW YOUR RIGHTS
GDPR gives you various rights in relation to the processing of your personal data, as follows:
-
RIGHT TO BE INFORMED - You have the right to receive clear and transparent information regarding why we require your personal data and what we are doing with it, which includes fair processing information as provided by this Privacy Notice.
-
RIGHT OF ACCESS - Your personal data includes information which can directly or indirectly identify you, and you are legally entitled to access that information should you wish to do so. This access is called a Data Subject Access Request (DSAR).
-
RIGHT TO RECTIFICATION - You are entitled to have your personal data rectified if it is inaccurate or incomplete.
-
RIGHT TO ERASURE - In certain circumstances, you have the right to request the deletion or removal of your personal data where there is no compelling reason for its continued processing.
-
RIGHT TO RESTRICT PROCESSING - You have the right to block or suppress the processing of your personal data where you contest its accuracy.
-
RIGHT TO DATA PORTABILITY - In certain circumstances, you are entitled to obtain and reuse your personal data for your own purposes across different services, and this right allows you to move, copy or transfer your personal data easily from one IT environment to another in a safe and secure way without hindrance to your usability.
-
RIGHT TO OBJECT - You also have the right to object to the processing of your personal data.
-
RIGHTS IN RELATION TO AUTOMATED DECISION MAKING & PROFILING - If we use an automated decision making or profiling process, we will be required to give you information about the processing. You will also have the right to request human intervention or challenge a decision. (See below for further information).
If you want to exercise any of these rights, please write to our Data Protection Officer.
WHAT INFORMATION DO WE COLLECT FROM YOU?
We will only collect relevant and sufficient data from you as required in accordance with our lawful basis for processing. Personal information that we’ll process in connection with all of our products and services, if relevant, includes:
-
Personal and contact details, such as title, full name, contact details and contact details history
-
Your date of birth, gender and/or age
-
Your nationality, if needed for the product or service
-
Details of beneficiaries, such as joint policy holders, named drivers
-
Family members (if relevant to the product or service)
-
Records of your contact with us such as via telephone and email, and if you get in touch with us online using our portal, details such as your mobile phone location data, IP address and MAC address
-
The usage of our products and services, and whether those claims were paid out or not (and details related to this)
-
Vehicle information, such as make and model, faults, repairs and repair costs.
-
Information about your use of products or services held with our business partners, such as insurance policies,
-
Information we obtained from third parties, including information about insurance risk, pricing, claims history, instances of suspect fraud and usage history
-
Personal information which we obtain from Credit Reference Agencies and Fraud Prevention Agencies , including public (for example, defaults, CCJs) and shared credit history, financial situation and financial history
-
Fraud, debt and theft information, including details of money you owe, suspected instances of fraud or theft, and details of any devices used for fraud
-
Criminal records information, including alleged offences,
-
Information about your health or if you are a vulnerable customer
-
Information about your property, such as location, value, number of rooms, property type and building work you've had done
-
Financial details about you, such as your salary and details of other income, details of your savings, details of your expenditure, and payment method(s)
-
Details about all of your existing borrowings and loans, if relevant to a claim
-
Information about your employment status, if relevant
-
Your marital status, family, lifestyle or social circumstances, if relevant to the product (for example, the number of dependents you have or if you are a widow or widower)
-
Information we obtain from third parties, including, vehicle details, details of outstanding finance, vehicle claims history, publicly available information, and information to help improve the relevance of our products and services
-
Where relevant, information about any guarantor which you provide in any application
-
Third party transactions; such as where a person other than the policyholder uses the service, information about that person and the transaction
-
Tax information, if relevant (for example, for savings accounts)
-
Your personal data will include your personal details, financial details and other information including your personal circumstances, financial needs, priorities and objectives. You should inform us of any changes to your personal information which you consider to be relevant to the services we are providing to you.
We will collect your personal data from a variety of sources including:
-
From the brokers or underwriters of your insurance policy, including the questions that you answered when purchasing your insurance policy schedule, and the policy schedule and wording to which you agreed
-
Telephone conversations with us- our telephone calls are recorded for regulatory purposes, and when you call us there is a message to inform you of that.
-
Emails or letters you send to us.
-
Meetings with you- where we will gather and update information about you as appropriate to the services we are providing to you.
-
From other sources such as Fraud Prevention Agencies, Credit Reference Agencies, other lenders, HMRC, DWP, publicly available directories and information (for example, telephone directory, social media, internet, news articles), debt recovery and/or tracing agents, other organisations to assist in prevention and detection of crime, police and law enforcement agencies
WHY DO WE COLLECT THIS INFORMATION FROM YOU?
We collect this information because we need :-
-
To validate and process the claim that you have made against an insurance policy on which we are the appointed claims handlers.
-
To improve the operation of our business and that of our business partners
-
To follow guidance and best practice under the change to rules of governmental and regulatory bodies
-
To enable management and auditing of our business operations including accounting
-
To carry out checks at Credit Reference and Fraud Prevention Agencies
-
To monitor and to keep records of our communications with you and our staff
-
To comply with legal and regulatory obligations, requirements and guidance
CONSEQUENCES OF NOT PROVIDING YOUR RELEVANT INFORMATION
Failure to provide relevant information about yourself may impair our ability to provide our services to you, and may lead to your claim being declined
WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH?
Your personal data may be shared with third parties, including:
-
Your insurer/underwriter/broker; or
-
Where disclosure is to any person who provides a service to, or performs a function for, us provided that where we disclose information to any such person we shall ensure that such person uses such information for the same purposes as it was originally supplied to us and/or used by us; or
-
Where it is required to comply with any applicable law or order of a governmental or law enforcement body; or
-
Disclosure is required to investigate, prevent or take action against suspected illegal activities; or
-
Disclosure is required to establish or exercise our legal rights or defend against legal claims.
WHAT DO WE DO WITH YOUR PERSONAL INFORMATION?
We process your personal information so that we can provide our services to you and to meet our contractual, legal and regulatory obligations. The privacy of your personal information is very important to us, and our Data Protection Policy and procedures have been developed to ensure this is always maintained.
HOW LONG DO WE KEEP YOUR INFORMATION FOR?
This will depend upon the nature of the services which we provide to you, and as required to meet contractual, legal and regulatory requirements. If you have made a claim with us, your information will be retained in line with the legal or regulatory requirement to keep it, which protects you and us. This will normally be for a period of 25 years, but may be longer for certain types of insurance claims.
BODY WORN CAMERAS
As part of our protocols, all Trinity Claims field staff are provided with body worn cameras. The purpose of the camera is to provide security to our policyholders and employees. In addition, the footage will be utilised to understand the validity/content of insurance claims. Note that the footage may also be used as evidence, should we have suspicions of fraudulent activity.
During our communications with you, you would have been advised that our visits will be recorded via a body worn camera. Our cameras are fitted with front facing screens so you will be able to fully acknowledge when recording is live. Likewise, an evident red light will demonstrate that there is recording is process.
None of our field staff have access to the recorded footage whilst it is stored on the device. All footage is encrypted and can only be accessed by a small number of senior staff within the business. All cameras are PIN protected and can only be used by specifically trained members of staff.
All recordings will be retained in line with our Privacy Policy.
Please note that Trinity Claims also deploy surveyors, contractors and other third parties which are not directly employed by us. Should they wish to utilise body cameras within the course of their investigations and/or works, please refer directly to their privacy policies.
AUTOMATED DECISION MAKING
We use an automated decision-making process to understand whether you have a potentially valid insurance claim. Where we use an automated decision, using personal information which is legal of has a substantially similar effect, you have certain rights in relation to that decision. In particular, you have the right to receive meaningful information about the logic involved in the decision, the right to human intervention and the right to obtain an explanation of the decision including how to challenge it. You have the right not to be subject to a decision using your personal information which is based solely on automated processing (without human involvement) where that decision produces a legal effect of otherwise significantly affects you. The right does not apply if the decision is;
-
Necessary for the purposes of a contract between us and you
-
Authorised by law
-
Based on your explicit consent
You do however have a right to request human intervention, express your view and challenge a decline decision if you feel it warranted. In order to request human intervention, please contact our claims team.
HOW TO REPORT A CONCERN or MAKE A COMPLAINT ABOUT HOW WE PROCESS YOUR PERSONAL INFORMATION
Protecting the privacy of your personal data is very important to us. However, if you are concerned in any way or wish to make a complaint regarding how we process it, then you should write to our Data Protection Officer. If you are still not satisfied with his response, you can raise your concerns with the Information Commissioner’s Office (ICO), who are our Supervisory Authority in relation to Data Protection. Details of how to contact our Data Protection Officer or the ICO are set out earlier within this Privacy Policy. This does not affect your rights for your complaint to be handled by the Financial Ombudsman’s Service (FOS). Details of the FOS Complaints handling procedures can be provided on request.
This policy was last updated 12th May 2023